Re: [PATCH 1/4] wifi: add support for FILS

From: Beniamino Galvani <bgalvani redhat com>
To: Masashi Honma <masashi honma gmail com>
Cc: networkmanager-list gnome org
Subject: Re: [PATCH 1/4] wifi: add support for FILS
Date: Wed, 3 Jan 2018 14:39:14 +0100

On Sat, Dec 23, 2017 at 07:26:03AM +0900, Masashi Honma wrote:

The FILS(Fast Initial Link Setup) is a specification defined by IEEE 802.11ai to
speed up roaming. This patch adds support of it. I have tested with both
FILS-SHA256 and FILS-SHA384 by PEAP.

Signed-off-by: Masashi Honma <masashi honma gmail com>
---
 libnm-core/nm-setting-wireless-security.c           |  9 ++++++---
 libnm-core/nm-setting-wireless.c                    |  5 +++--
 src/devices/wifi/nm-wifi-ap.c                       |  6 ++++--
 src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c |  2 +-
 src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c |  3 +++
 src/supplicant/nm-supplicant-config.c               | 13 +++++++++----
 src/supplicant/nm-supplicant-settings-verify.c      |  1 +
 7 files changed, 27 insertions(+), 12 deletions(-)

diff --git a/libnm-core/nm-setting-wireless-security.c b/libnm-core/nm-setting-wireless-security.c
index de77a49..eea0581 100644
--- a/libnm-core/nm-setting-wireless-security.c
+++ b/libnm-core/nm-setting-wireless-security.c
@@ -868,7 +868,8 @@ need_secrets (NMSetting *setting)
      }
 
      if (   (strcmp (priv->key_mgmt, "ieee8021x") == 0)
-         || (strcmp (priv->key_mgmt, "wpa-eap") == 0)) {
+         || (strcmp (priv->key_mgmt, "wpa-eap") == 0)
+         || (strcmp (priv->key_mgmt, "wpa-fils") == 0)) {
              /* Let caller check the 802.1x setting for secrets */
              goto no_secrets;
      }
@@ -887,7 +888,8 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
 {
      NMSettingWirelessSecurity *self = NM_SETTING_WIRELESS_SECURITY (setting);
      NMSettingWirelessSecurityPrivate *priv = NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (self);
-     const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-none", "wpa-psk", "wpa-eap", NULL };
+     const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-none",
+             "wpa-psk", "wpa-eap", "wpa-fils", NULL };


Hi,

please also update the documentation comment of the key-mgmt property
at the end of the file.

I have found little information about FILS, but I guess a valid use
case would be to optionally enable it by passing "key_mgmt=FILS-SHA256
FILS-SHA384 WPA-EAP" to wpa_supplicant, so that the supplicant will
fall back to WPA-EAP if the AP doesn't support FILS. Do you think this
configuration is useful at all? If so, we shouldn't have a new
key-mgmt value 'wpa-fils' but perhaps we should add a new
wifi-sec.fils boolean (or tristate) property.

Beniamino

Attachment: signature.asc
Description: PGP signature

Follow-Ups:
- Re: [PATCH 1/4] wifi: add support for FILS
  - From: Masashi Honma

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]